Command to migrate DB data from v1.0.0 to v2.0.0
#77
Conversation
josecelano
force-pushed
the
issue-56-db-migration-command-from-v1-to-v2
branch
from
85fbda3 to
ed27159
Compare
|
hi @WarmBeer, I'm working on transferring user data. I've done all except the password. Since the hashing algorithm has changed from Pbkdf2 to Argon2, I have to think about how to move the data. I think the best way to do it would be to add a new column to the database with the type of hashing used and use the old method until the user changes the password. What do you think? cc @da2ce7 |
|
Hey @josecelano , I think we should revert back to Pbkdf2, since we are dropping username/password authentication in the future anyway in favour of torrust/teps#8. |
Users do not need to change their password to change the password hashing algorithm: The only need to present with a valid password.
Optional: Generate new password nonce and calculated password hash in "Argon2". Make an atomic transaction that inserts the new hashed-password-and-nounce, and drops the old one. I think that it is too-late to move away from "Argon2", as there might be people who use our unreleased v.2 that have active users in this format. |
josecelano
force-pushed
the
issue-56-db-migration-command-from-v1-to-v2
branch
from
158e957 to
4afd4a5
Compare
I did not know we were using the PHC string format since version v1.0.0. That means we have values like this in the password hash value in the DB. I only had to import the hash from the old DB to the new DB field and change the NOTE: that means we do not need to have two columns for both hash types and a third one with the name of the algorithm used. In the previous example: pub fn verify_password(
password: &[u8],
user_authentication: &UserAuthentication,
) -> Result<(), ServiceError> {
// wrap string of the hashed password into a PasswordHash struct for verification
let parsed_hash = PasswordHash::new(&user_authentication.password_hash)?;
match parsed_hash.algorithm.as_str() {
"argon2id" => {
if Argon2::default()
.verify_password(password, &parsed_hash)
.is_err()
{
return Err(ServiceError::WrongPasswordOrUsername);
}
Ok(())
}
"pbkdf2-sha256" => {
if Pbkdf2.verify_password(password, &parsed_hash).is_err() {
return Err(ServiceError::WrongPasswordOrUsername);
}
Ok(())
}
_ => Err(ServiceError::WrongPasswordOrUsername),
}
}We can upgrade the hash when the user logs in if we want. Should I do it now in this PR? Are we going to do it? I would do it to keep things simple. But I would do it in a new minor release (v2.1.0). It's an optional feature, and I would prefer to make the minimum amount of changes in this upgrade. We are already doing a lot of changes. |
|
@josecelano Assisting the current date for the registration data is a loss of information. I suggest that we have that field to be optional, and have a new entry that contains the date of import. |
hi @da2ce7, Yes, It does not make sense at all. Probably I was thinking about creating a new site as if the users were registered at that moment (but the migration has to be transparent to the user). I realised later, but I have not changed it yet. I think your suggestion is the right way to do it. Besides, I wanted to propose another change for the future. It would be nice to have "created_at" and "updated_at" fields in all the tables. I think that could help to debug bugs. Ideally, we could get that info from the log, but it's very useful information when you are trying to know what happened, and it's very handy to have it on the table. |
|
hi @WarmBeer It seem this table was not used at all: I see the migration in this commit 6d66a0a, but I do not see any DB query to use it. Could you confirm it? |
|
Hi @josecelano , The table is being used here: https://github.com/torrust/torrust-index-backend/blob/e8a6fe75654e769d4d12b49d77bae1ff159bc13c/src/databases/mysql.rs#L416 Which is part of this function: |
Sorry @WarmBeer, I did not explain it well. I mean, it was created before release |
|
Oh sorry @josecelano, you are right. This table is not used at all prior to V2. |
|
hi @WarmBeer, two questions:
|
hi @WarmBeer @da2ce7, I'm done with transferring the data. Now I want to refactor a little bit and make some tests with more data and cases. And improve the documentation. @WarmBeer a part for the previous questions (1 and 2) I have one more:
|
|
Hi @josecelano , Sorry for the late response.
In both V1 and V2, torrents are always public on the torrent index. There is currently nothing in place to restrict viewing rights. But If you are talking about the .torrent metadata setting, then no. The private flag would just be inside the .torrent file for V1, where in V2 it is in the database.
I do not actively remember making this change and what drove that decision. But I suppose it doesn't matter 😅.
Good find. This is indeed a mistake. I will open a PR to prioritize the announce_list field over the announce field. |
|
I usually prefer lowercase in the database and uppercase in the frontend. |
josecelano
force-pushed
the
issue-56-db-migration-command-from-v1-to-v2
branch
from
231ba87 to
096e296
Compare
josecelano
force-pushed
the
issue-56-db-migration-command-from-v1-to-v2
branch
3 times, most recently
from
0eef98f to
7905fd9
Compare
|
hi @WarmBeer, I've added a test to check that one torrent is transferred well from the old DB and file to the new. The torrent I use in the test is a torrent:
I want to add a second test with a new torrent:
But I do not know how to force those options (root_hash, announce, and MD5 checksum) using the BitTorrent client:
I want to cover all cases with two torrents if possible. Do you know how I can create a torrent with those fields? That's the last automatic test I want to add. After that, I will test the migrated DB with a running app. |
Hey @josecelano , I'm sorry but I don't know of any alternative Torrent file creation tools that do support these extensions or Bittorrent V2. Even qBittorrent does not show any options for creating V2 torrent files. |
|
hey @WarmBeer, I did not know we don't support The BitTorrent Protocol Specification v2 - BEP52. I'm going to assume we only have torrents in version V1. If that's the case I'm almost doe with tests. On the other hand, do you know why the pub struct TorrentInfo {
pub name: String,
#[serde(default)]
pub pieces: Option<ByteBuf>,
#[serde(rename = "piece length")]
pub piece_length: i64,
#[serde(default)]
pub md5sum: Option<String>,
#[serde(default)]
pub length: Option<i64>,
#[serde(default)]
pub files: Option<Vec<TorrentFile>>,
#[serde(default)]
pub private: Option<u8>,
#[serde(default)]
pub path: Option<Vec<String>>,
#[serde(default)]
#[serde(rename = "root hash")]
pub root_hash: Option<String>,
}I do not see any reference to that field in https://www.bittorrent.org/. |
josecelano
force-pushed
the
issue-56-db-migration-command-from-v1-to-v2
branch
from
0810f4a to
f9baa2c
Compare
Extract different testers for every type of data transferred.
We do not need to read migrations from dir becuase they are not going to change for verion v1.0.0.
The application now supports two hashing methods: - "pbkdf2-sha256": the old one. Only for imported users from DB version v1.0.0. - "argon2": the new one for registered users.
Imported users from DB version v1.0.0 (only SQLite) do not have a "date_registered" field. WE have to copy that behavior in MySQL even if we do not have users imported from from previous versions in MySQL. Support for MySQL was added after the version v1.0.0.
Instead of regenerating ID sequence we keep the category id. Becuase we were keeping IDs for all tables except for this one. @ldpr helped testing the migration script and found the issue with the categories IDs. Co-authored-by: ldpr <[email protected]>
josecelano
force-pushed
the
issue-56-db-migration-command-from-v1-to-v2
branch
from
3c40e67 to
5a7d875
Compare
|
ACK 5a7d875 |
|
Hi @WarmBeer @da2ce7 @ldpr, I've changed my mind. Instead of importing stats automatically from the tracker, I've created a new console command to do it manually and optionally. cargo run --bin import_tracker_statisticsYou can run that command after running the upgrader if you want to pre-fill the stats cache table ( The reason is that after merging #87 the app works fine again, showing all torrents on the list even if they do not have stats yet. The app imports stats:
You can decide if you want to pre-populate the table or let the app fill it up. |
Depends on: #87
I've created the basic scaffolding of the command. My plan is:
uploadsdir.Potential problems are:
UPDATE 2022-11-30
Tasks
torrent_categoriestorrent_usertoday_iso8601function instead of only the datetorrent_tracker_keysupgrades. We do not need the MySQL stuff for this migration. There was no MySQL support for versionv1.0.0torrent_torrents. See below the subtasks for this tasktorrent_torrent_files. It was not used inv1.0.0registration_dateoptional and leave it empty for imported usersimported_dateto thetorrust_userstable with the importation date for user records imported with this commanddestinyDB totargetDB.Subtasks from issue #84
This rework is needed because @ldpr found a bug in the current version that affects the upgrader. We have to fix that bug and update the "upgrader".
torrust_torrent_tracker_stats::tracker_urlcolumn. DISCARDED.torrust_torrent_tracker_statswith one record per torrent.Transfer torrents subtasks
torrust_torrentstorrust_torrent_filestorrust_torrent_announce_urlstorrust_torrent_infoTesting subtasks
Assertions for integration test:
torrust_userstabletorrust_user_authenticationtabletorrust_user_profilestabletorrust_tracker_keystabletorrust_torrentstabletorrust_torrent_filestabletorrust_torrent_infotabletorrust_torrent_announce_urlstableSome cases to test:
pieces.Using a single tracker URL or multiple URLs:
announce(single tracker url).announce_list(multiple tracker URLs).Containing one file or multiple files:
Add tests for the application behaviour changed:
Things I'm not going to test:
root_hash(BEP-0030).